Computer-implemented methods, systems comprising computer-readable media, and electronic devices for secure multi-datasource query job status notification

ABSTRACT

A computer-implemented method for secure multi-datasource query job status notification that may include automatically accessing notification characteristics for a query job status. Occurrence of the query job status may be automatically determined, and an initial version of a notification at least in part based on the notification characteristics may be automatically generated. A present security level may be automatically determined by analyzing at least one of end user activity and an aspect of an end user computing device. A final version of the notification may be automatically generated at least in party by redacting the initial version based on the present security level. Transmission of the final version of the notification to the end user computing device may be automatically instructed.

RELATED APPLICATIONS 1. Priority Applications

This patent application claims priority to U.S. Patent Application No.62/657,463, entitled COMPUTING DEVICE, SOFTWARE, ANDCOMPUTER-IMPLEMENTED METHOD FOR QUERYING RESTRICTED-ACCESS DATASOURCES,filed Apr. 13, 2018, the entire contents of which is hereby incorporatedherein by reference.

2. Contemporaneously Filed Applications

The present application is filed contemporaneously with three other U.S.patent applications, each claiming priority to U.S. Patent ApplicationNo. 62/657,463, filed Apr. 13, 2018. The entire disclosure of each ofthe aforementioned contemporaneously filed applications is herebyincorporated herein by reference.

FIELD OF THE INVENTION

The present disclosure generally relates to computer-implementedmethods, systems comprising computer-readable media, and electronicdevices for querying restricted-access datasources.

BACKGROUND

Existing business intelligence tools may be queried using customizedscripts, application programming interfaces or the like. In someinstances, a subscriber of such a tool may develop a softwareapplication configured to provide user access to the businessintelligence data via a user interface. System architecture may permitthe software application to call a module for accessing the businessintelligence tool upon user request.

A user may log into the software application and access functionalityfor performing a query of the business intelligence tool. The module ofthe software application may request and accept input from the user forspecifying arguments and parameters required to query the tool. Thesoftware application may be queried, in turn, for authorizationinformation by the business intelligence tool. Once results have beenreceived from the query, the user may launch another application seekingdata from a different business intelligence tool and may repeat thesearch process again for each tool from which business intelligence datais desired.

This background discussion is intended to provide information related tothe present invention which is not necessarily prior art.

BRIEF SUMMARY

Embodiments of the present technology relate to computer-implementedmethods, systems comprising computer-readable media, and electronicdevices for generating notifications relating to job statuses ofrestricted-access datasource queries. The embodiments may enablegeneration of a notification reflecting responsive results from aplurality of datasources according to a single set of notificationcharacteristics. The embodiments may also enable unified redaction of anotification relating to a combined results list from the plurality ofdatasources according to a single determination of a present securitylevel.

More particularly, in a first aspect, a computer-implemented method forsecure multi-datasource query job status notification may be provided.The method may include automatically accessing notificationcharacteristics for a query job status. Occurrence of the query jobstatus may be automatically determined, and an initial version of anotification at least in part based on the notification characteristicsmay be automatically generated. A present security level may beautomatically determined by analyzing at least one of end user activityand an aspect of an end user computing device. A final version of thenotification may be automatically generated at least in party byredacting the initial version based on the present security level.Transmission of the final version of the notification to the end usercomputing device may be automatically instructed. The method may includeadditional, less, or alternate actions, including those discussedelsewhere herein.

In another aspect, a system for secure multi-datasource query job statusnotification may be provided. The secure notification system may includeone or more processors individually or collectively programmed toperform the steps described in this paragraph. Notificationcharacteristics for a query job status may be automatically accessed.Occurrence of the query job status may be automatically determined, andan initial version of a notification at least in part based on thenotification characteristics may be automatically generated. A presentsecurity level may be automatically determined by analyzing at least oneof end user activity and an aspect of an end user computing device. Afinal version of the notification may be automatically generated atleast in party by redacting the initial version based on the presentsecurity level. Transmission of the final version of the notification tothe end user computing device may be automatically instructed. Thesystem may include additional, less, or alternate functionality,including that discussed elsewhere herein.

In still another aspect, a system comprising computer-readable mediahaving computer-executable instructions stored thereon for securemulti-datasource query job status notification may be provided. Thecomputer-readable instructions may instruct at least one processor toperform the steps described in this paragraph. Notificationcharacteristics for a query job status may be automatically accessed.Occurrence of the query job status may be automatically determined, andan initial version of a notification at least in part based on thenotification characteristics may be automatically generated. A presentsecurity level may be automatically determined by analyzing at least oneof end user activity and an aspect of an end user computing device. Afinal version of the notification may be automatically generated atleast in party by redacting the initial version based on the presentsecurity level. Transmission of the final version of the notification tothe end user computing device may be automatically instructed. Thecomputer-readable instructions may instruct the processor(s) to performadditional, fewer, or alternative actions, including those discussedelsewhere herein.

Advantages of these and other embodiments will become more apparent tothose skilled in the art from the following description of the exemplaryembodiments which have been shown and described by way of illustration.As will be realized, the present embodiments described herein may becapable of other and different embodiments, and their details arecapable of modification in various respects. Accordingly, the drawingsand description are to be regarded as illustrative in nature and not asrestrictive.

BRIEF DESCRIPTION OF THE DRAWINGS

The Figures described below depict various aspects of systems andmethods disclosed therein. It should be understood that each Figuredepicts an embodiment of a particular aspect of the disclosed systemsand methods, and that each of the Figures is intended to accord with apossible embodiment thereof. Further, wherever possible, the followingdescription refers to the reference numerals included in the followingFigures, in which features depicted in multiple Figures are designatedwith consistent reference numerals.

FIG. 1 illustrates various components, in block schematic form, of anexemplary system for querying restricted-access datasources inaccordance with embodiments of the present invention;

FIGS. 2 and 3 illustrate various components of exemplary computingdevices shown in block schematic form that may be used with the systemof FIG. 1;

FIG. 4 illustrates various components of an exemplary server shown inblock schematic form that may be used with the system of FIG. 1;

FIG. 5 is a flowchart of various components of exemplary systems forquerying restricted-access datasources, and of relationships between thecomponents, in accordance with embodiments of the present invention;

FIG. 6 is a flowchart of various components of exemplary systems forquerying restricted-access datasources, and of relationships between thecomponents, in accordance with embodiments of the present invention;

FIG. 7 is a flowchart of various components of exemplary systems forprovisioning access rights, and of relationships between the components,in accordance with embodiments of the present invention;

FIG. 8 is a flowchart illustrating at least a portion of the steps forprovisioning access rights in accordance with embodiments of the presentinvention;

FIG. 9 is a flowchart of various components of exemplary systems forquerying restricted-access databases and generating a consolidatedresults list, and of relationships between the components, in accordancewith embodiments of the present invention;

FIG. 10 is a flowchart of various components of exemplary systems forgenerating job status notifications, and of relationships between thecomponents, in accordance with embodiments of the present invention; and

FIG. 11 is a flowchart illustrating at least a portion of the steps forgenerating job status notifications in accordance with embodiments ofthe present invention.

The Figures depict exemplary embodiments for purposes of illustrationonly. One skilled in the art will readily recognize from the followingdiscussion that alternative embodiments of the systems and methodsillustrated herein may be employed without departing from the principlesof the invention described herein.

DETAILED DESCRIPTION

Existing platforms for querying an application programming interface(API) to obtain business intelligence data are configured to optimize auser experience in view of the configuration employed by the API. Suchplatforms may assist the user in executing precise queries, and maystore the results at the request of the user. However, existingplatforms are sluggish where a user intends to gather businessintelligence data from multiple APIs implementing diverse architecturalframeworks and/or authorization schemas.

According to embodiments of the present invention, a developer mayutilize a platform to unify access to provisionable assets across aplurality of tools utilizing a plurality of datasource structures,syntaxes, formats, languages or the like. Embodiments of the platformmay be configured to permit individual configurations, settings and/oraccess details to be defined once by a developer and propagatedautomatically across the various tools into automated scripts anddatabase entries for automated querying of restricted-access datasourcesin response to a single end user query. According to embodiments of thepresent invention, individual filters, search queries, user loginoperations and the like may be input once by an end user and propagatedautomatically as search queries across the various tools. Responsiveresults may be automatically gathered from the various tools andtranslated, converted and/or otherwise reformatted into a common formand ranked by the platform for presentation to the end user.

Further, in embodiments where at least some end userauthentication/authorization information is stored at the level of thetools, the platform may be configured to automatically propagate anychanges to an end user's authentication/authorization information acrosssuch tools. Still further, job processing may be unified andconsolidated, and individual notification configurations, settingsand/or contents may be defined once by the developer and/or end user andpropagated automatically across jobs invoking a variety of tools.

Exemplary System

FIG. 1 depicts an exemplary environment for querying restricted-accessdatasources according to embodiments of the present invention. Theenvironment may include a plurality of computers 10, 12, a plurality ofservers 14, a plurality of application programming interfaces (APIs) 16,and a communication network 18. The computers 10, 12 and the servers 14may be located within network boundaries of a large organization, suchas a corporation, a government office, a university, a college, or thelike. The communication network 18 and the APIs 16 may be external tothe organization, for example where the APIs 16 are offered by datavendors managing restricted-access datasources.

More particularly, the computers 10, 12 and servers 14 may be connectedto an internal network 20 of the organization, which may comprise atrusted internal network or the like. Alternatively or in addition, thecomputers 10, 12 and servers 14 may manage access to the APIs 16 and/orrestricted-access datasources under a common authentication managementframework. Each user of a device 10, 12, may be required to complete anauthentication process to query restricted-access datasources via theservers 14. In an embodiment, one or more computers 12 may not beinternal to the organization, but may be permitted access to perform thequeries via the common authentication management framework. Forinstance, the common authentication management framework may compriseone or more servers made available under Web SEAL® (a registeredtrademark of International Business Machines Corporation) as of the dateof initial filing of the present disclosure. Moreover, all or some ofthe APIs 16 and/or restricted-access datasources may be maintainedand/or owned by the organization and/or may be maintained on theinternal network 20 within the scope of the present invention. One ofordinary skill will appreciate that the servers 14 may be free of,and/or subject to different protocol(s) of, the common authenticationmanagement framework within the scope of the present invention.

Assets stored at restricted-access datasources and made available viathe APIs 16 may include business intelligence (BI) data. BI data mayinform users to enable them to improve operational efficiencies,products/services, marketing, customer retention, risk reduction, or thelike on behalf of user organizations. For instance, the servers 14 maybe maintained by a payment network organization, and an authenticatedemployee of a financial institution may access an exemplary systemimplemented on the servers 14 to query restricted-access datasources viathe APIs 16 and obtain customer transaction data to identify fraudulentactivities. An employee of the payment network organization may alsoaccess such an exemplary system from a computer 12 to query therestricted-access datasources via APIs 16 to identify fraudulentactivities. One of ordinary skill will appreciate that embodiments mayserve a wide variety of organizations and/or rely on a wide variety ofdatasources within the scope of the present invention. For example, oneor more datasources accessed by a system according to embodiments of thepresent invention may be available to the public.

The computers 10, 12 may be workstations, as described in more detailbelow. The computer 10 may be operated by a developer and/oradministrator. The developer may build user applications at computer 10for deployment and use by users at computers 12. The administrator maydefine access rights at computer 10 for provisioning user queries torestricted-access datasources via the user applications. In anembodiment, the same individual performs developer and administratortasks.

Turning to FIGS. 2-3, generally the computers 10, 12 may include tabletcomputers, laptop computers, desktop computers, workstation computers,smart phones, smart watches, and the like. In addition, the computers10, 12 may include copiers, printers, routers and any other device thatcan connect to the internal network 20 and/or the communication network18. Each computer 10, 12 may respectively include a processing element22, 32 and a memory element 24, 34. Each computer 10, 12 may alsorespectively include circuitry capable of wired and/or wirelesscommunication with the internal network 20 and/or the communicationnetwork 18, including, for example, transceiver elements 26, 36.Further, the computers 10, 12 may respectively include a softwareapplication 28, 38 configured with instructions for performing and/orenabling performance of at least some of the steps set forth herein. Inan embodiment, the software applications 28, 38 comprise programs storedon computer-readable media of memory elements 24, 34. Still further, thecomputers 10, 12 may respectively include a display 30, 50.

Generally, the servers 14 act as a bridge between the computers 10, 12and/or internal network 20 of the organization on the one hand, and thecommunication network 18 and APIs 16 of the outside world on the otherhand. In an embodiment, the servers 14 also provide communicationbetween the computers 10, 12 and internal APIs 16, as discussed above.The servers 14 may include a plurality of proxy servers, web servers,communications servers, routers, load balancers, and/or firewallservers, as are commonly known.

The servers 14 also generally implement a platform (see FIGS. 5-6) formanaging queries to, and responsive assets (e.g., resources includingdata, files and the like) received from, APIs 16 and/orrestricted-access datasources, and for performing related functions. Itis foreseen that the servers 14 may interact directly withrestricted-access datasources (i.e., without API 16 intermediary(ies))without departing from the spirit of the present invention (see FIG. 6).The servers 14 may retain electronic data and may respond to requests toretrieve data as well as to store data. The servers 14 may comprisedomain controllers, application servers, database servers, file servers,mail servers, catalog servers or the like, or combinations thereof. Inan embodiment, one or more restricted-access datasources and/or APIs 16may be maintained by one or more of the servers 14. Generally, eachserver 14 may include a processing element 52, a memory element 54, atransceiver element 56, and a software program 58.

Each API 16 may include and/or provide access to one or more pages orsets of data and/or other content accessed through the World Wide Web(e.g., through the communication network 18) and/or through the internalnetwork 20. Each API 16 may be hosted by or stored on a web serverand/or database server, for example. The APIs 16 may include top-leveldomains such as “.com”, “.org”, “.gov”, and so forth. The APIs 16 may beaccessed using software such as a web browser, through execution of oneor more script(s) for obtaining BI data, and/or by other means forinteracting with APIs without departing from the spirit of the presentinvention.

The communication network 18 generally allows communication between theservers 14 of the organization and external APIs such as data vendorAPIs 16. The communication network 18 may also generally allowcommunication between the computers 10 and/or 12 and the servers 14, forexample in conjunction with the common authentication frameworkdiscussed above and/or secure transmission protocol(s). The internalnetwork 20 may generally allow communication between the computers 10,12 and the servers 14. The internal network 20 may also generally allowcommunication between the servers 14 and internal APIs 16 and/orinternal restricted-access datasources.

The communication networks 18, 20 may include the Internet, cellularcommunication networks, local area networks, metro area networks, widearea networks, cloud networks, plain old telephone service (POTS)networks, and the like, or combinations thereof. The communicationnetworks 18, 20 may be wired, wireless, or combinations thereof and mayinclude components such as modems, gateways, switches, routers, hubs,access points, repeaters, towers, and the like. The computers 10, 12,servers 14 and/or APIs 16 may, for example, connect to the communicationnetworks 18, 20 either through wires, such as electrical cables or fiberoptic cables, or wirelessly, such as RF communication using wirelessstandards such as cellular 2G, 3G, 4G or 5G, Institute of Electrical andElectronics Engineers (IEEE) 802.11 standards such as WiFi, IEEE 802.16standards such as WiMAX, Bluetooth™, or combinations thereof.

The transceiver elements 26, 36, 56 generally allow communicationbetween the computers 10, 12, the servers 14, the communication networks18, 20, the APIs 16 and/or the restricted-access datasources (see FIGS.5-6). The transceiver elements 26, 36, 56 may include signal or datatransmitting and receiving circuits, such as antennas, amplifiers,filters, mixers, oscillators, digital signal processors (DSPs), and thelike. The transceiver elements 26, 36, 56 may establish communicationwirelessly by utilizing radio frequency (RF) signals and/or data thatcomply with communication standards such as cellular 2G, 3G, 4G or 5G,Institute of Electrical and Electronics Engineers (IEEE) 802.11 standardsuch as WiFi, IEEE 802.16 standard such as WiMAX, Bluetooth™, orcombinations thereof. In addition, the transceiver elements 26, 36, 56may utilize communication standards such as ANT, ANT+, Bluetooth™ lowenergy (BLE), the industrial, scientific, and medical (ISM) band at 2.4gigahertz (GHz), or the like. Alternatively, or in addition, thetransceiver elements 26, 36, 56 may establish communication throughconnectors or couplers that receive metal conductor wires or cables,like Cat 6 or coax cable, which are compatible with networkingtechnologies such as ethernet. In certain embodiments, the transceiverelements 26, 36, 56 may also couple with optical fiber cables. Thetransceiver elements 26, 36, 56 may respectively be in communicationwith the processing elements 22, 32, 52 and/or the memory elements 24,34, 54.

The memory elements 24, 34, 54 may include electronic hardware datastorage components such as read-only memory (ROM), programmable ROM,erasable programmable ROM, random-access memory (RAM) such as static RAM(SRAM) or dynamic RAM (DRAM), cache memory, hard disks, floppy disks,optical disks, flash memory, thumb drives, universal serial bus (USB)drives, or the like, or combinations thereof. In some embodiments, thememory elements 24, 34, 54 may be embedded in, or packaged in the samepackage as, the processing elements 22, 32, 52. The memory elements 24,34, 54 may include, or may constitute, a “computer-readable medium.” Thememory elements 24, 34, 54 may store the instructions, code, codesegments, software, firmware, programs, applications, apps, services,daemons, or the like that are executed by the processing elements 22,32, 52. In an embodiment, the memory elements 24, 34, 54 respectivelystore the software applications/program 28, 38, 58. The memory elements24, 34, 54 may also store settings, data, documents, sound files,photographs, movies, images, databases, and the like.

The processing elements 22, 32, 52 may include electronic hardwarecomponents such as processors. The processing elements 22, 32, 52 mayinclude microprocessors (single-core and multi-core), microcontrollers,digital signal processors (DSPs), field-programmable gate arrays(FPGAs), analog and/or digital application-specific integrated circuits(ASICs), or the like, or combinations thereof. The processing elements22, 32, 52 may generally execute, process, or run instructions, code,code segments, software, firmware, programs, applications, apps,processes, services, daemons, or the like. For instance, the processingelements 22, 32, 52 may respectively execute the softwareapplications/program 28, 38, 58. The processing elements 22, 32, 52 mayalso include hardware components such as finite-state machines,sequential and combinational logic, and other electronic circuits thatcan perform the functions necessary for the operation of the currentinvention. The processing elements 22, 32, 52 may be in communicationwith the other electronic components through serial or parallel linksthat include universal busses, address busses, data busses, controllines, and the like.

Turning to FIG. 5, the servers 14 may embody a platform 60 (otherwisereferred to herein as a “common delivery platform,” a “CDP Layer” or thelike) for managing queries to, and responsive assets received from, APIs16 and/or restricted-access datasources, and for performing relatedfunctions in accordance with the description set forth herein. The APIs16 may be embodied by BI tools 62, which may provide, comprise and/orcommunicate with database management software for querying datasources64.

Queries may be initiated via BI tool components 66 of a UserInterface/Application 68. The User Interface/Application 68 may beembodied, controlled and/or executed by a computer 12. The UserInterface/Application 68 may be hosted by a server 14 (e.g., a webserver or the like) without departing from the spirit of the presentinvention, for instance where the User Interface/Application 68 isaccessed remotely by a computer 12 that is external to an organizationmanaging the platform 60. In an embodiment, access to the UserInterface/Application 68 is granted via the common authenticationframework, such as through known single sign-on (SSO) processes.

The datasources 64 may utilize a variety of formats and structureswithin the scope of the invention. For instance, relational databasesand/or object-oriented databases may embody the datasources 64.Similarly, the BI tools 62 may utilize a variety of formats andstructures within the scope of the invention. For instance, the BI tools62 may embody and/or utilize Simple Object Access Protocol (SOAP),Remote Procedure Call (RPC), and/or Representational State Transfer(REST) types. One of ordinary skill will appreciate that—while examplespresented herein may discuss specific types of tools and/or databases—awide variety may be used alone or in combination within the scope of thepresent invention.

In an embodiment, the BI tools 62 available to the platform 60 mayemploy a variety of architectures and/or types. The platform 60 maycorrespondingly include a plurality of adapters 70. Each adapter 70 maybe specialized to translate and/or configure queries to, and responsiveassets received from, one or more compatible BI tools 62 and/ordatasources 64. In an embodiment, each adapter 70 is configured totranslate a query from a User Interface/Application 68 into the specificsyntax, format and language required for submission to a correspondingBI tool 62 (e.g., according to the requirements of an API and/orapplication of the BI tool 62). Each adapter 70 may also be configuredto implement and/or comply with one or more authentication/authorizationprotocols required by the corresponding BI tool 62, such as bytranslating authentication/authorization credentials and/or identityinformation of the end user into a required form (e.g., a token), and/orexchanging such information in the manner required by the BI tool 62.Moreover, each adapter 70 may be configured to translate responsiveassets received from the corresponding BI tool 62 into a standardizedformat utilized broadly by the platform 60.

For example, a BI tool 62 may comprise a REST API. The BI tool 62 may beconfigured to receive string queries and return responsive resources ofthe datasource 64. The responsive resources may be made available inJavaScript Object Notation (JSON) format. The adapter 70 may accordinglybe configured to: (1) receive a query from the UserInterface/Application 68; (2) retrieve one or more correspondingresource paths (e.g., universal resource identifiers (URIs)) for the BItool 62, such as by requesting the URIs from the CDP Resource Repositorycomponent (discussed below); (3) translate the query according to thestring query syntax preferred by the BI tool 62 and using the particularparameters, arguments, resource names and/or identifiers employed by theBI tool 62; (4) submit a properly translated string query to the BI tool62; (5) receive responsive resources, and/or retrieve same via a linkthereto provided by, the BI tool 62; (6) parse and/or translateresponsive resources from JSON format to a more universal structuredformat of the platform 60 (e.g., a table structured format); and (7)provide the translated responsive resources to other platform 60components for ranking and other steps outlined herein. One of ordinaryskill will appreciate that the aforementioned example is merelyillustrative, and that adapters 70 may be configured to perform one ormore of these steps for data queries and retrieval with a variety ofdatasource structures, syntaxes, formats, languages or the like withinthe scope of the present invention. Moreover, it is foreseen thatcertain steps outlined in or appreciated from the description above maybe performed prior to receiving a query—for instance where scriptedinstructions, partial translations, filters or other aspects areprepared in anticipation of the query in connection with developmentprocesses described in connection with FIGS. 7-8 below—without departingfrom the spirit of the present invention.

Each adapter 70 may also be configured to append metadata regardingusers, user authentication/authorization, queries, and/or query resultsas needed to complete query and retrieval/display processes, asdiscussed in more detail below. The platform 60 may include a resourcerouter configured to direct queries and/or responsive results to andfrom appropriate adapter(s) 70.

The platform 60 may include applications/programs 28, 38, 58,conceptually and/or programmatically delineated functions, modules,libraries, subroutines, programs or the like, or combinations thereof,for performing one or more of the steps outlined herein. In theembodiments of FIGS. 5-6, these may include the following:

(A) Prompt Handler component. The Prompt Handler component may modify aquery and/or responsive assets to narrow the content of the resultsprovided to the User Interface/Application 68. For instance, the PromptHandler component may append metadata to datasource queries and/orfilter responsive assets returned by BI tools 62. The Prompt Handlercomponent may narrow the content provided to the UserInterface/Application 68 to, for example, reflect the scope of therequesting end user's access rights and/or to reflect one or morecontent filters selected by the user, a developer and/or anadministrator.

In an embodiment, the Prompt Handler component may narrow the datasourcequery according to the one or more authorization and/or selected filtersbefore passing the query to adapters 70 for translation and presentationto corresponding BI tools 62, thereby propagating the limitation acrossthe adapters 70 and datasources 64. In another embodiment, the PromptHandler component may pass instructions to the adapters 70 to apply theone or more authorization and/or selected filters to the datasourcequery and/or the responsive results. In this manner, datasource queriesmay be appropriately narrowed before presentment to adapters 70 and/orBI tools 62 to reduce unnecessary translation and/or retrieval/storageof filtered responsive assets.

(B) Scheduler component. The Scheduler component may work with a BatchProcessor component (discussed below) and/or other components to attachprocessing times to datasource query jobs. For instance, the Schedulercomponent may at least partially maintain a job database of datasourcequeries. The job database may be stored in the CDP Resource Repositorycomponent and/or the memory element 54, for example. In an embodiment,the job database may comprise a plurality of records, each recordcorresponding to a datasource query. Each record may include a statusfield (also discussed above) configured to store a plurality of flagvalues, each flag value corresponding to a present state and/or jobstatus of the datasource query corresponding to the record, as discussedin more detail below.

The Scheduler component may execute an algorithm including a pluralityof factors to determine—statically or dynamically—scheduled processingtimes for each of the datasource queries in the job database. Theplurality of factors may include, without limitation: requested BItool(s) for processing each job; existing backlog of queries for therequested BI tool(s); expected completion timeframe for backlog queries;priority flags submitted by requesting user(s); job size and other likefactors, alone or in combination. The Scheduler component may gatherdata and information required to populate values for the factorsconsidered by the algorithm from the adapters 70, the job database, anaccess database (discussed below), the CDP Resource Repository componentand/or other components of the platform 60.

(C) Batch Processor component. The Batch Processor component may work inconjunction with the Scheduler component to manage prioritization and/orscheduling of batch data query processing. The Batch Processor componentmay also gather data and information required to perform the stepsoutlined herein from the adapters 70, the job database, the accessdatabase, the CDP Resource Repository component and/or other componentsof the platform 60.

In an embodiment, it is preferred that responsive assets from multipleBI tools 62 be retrieved from datasources 64 within a common timeframe.For example, it may be desirable for three (3) BI tools 62 invoked by aquery to each provide responsive results within a ten (10) hour window,such that the results are representative of roughly the same datatimeframe. The Batch Processor component may maintain and/or access jobstatus records for the three (3) BI tools 62 in the job database. Therecords may indicate a processing backlog on one (1) of the three (3) BItools 62 that would prevent processing of the query job within thepreferred ten (10) hour window, assuming the other two (2) BI tools 62were to process the job immediately. The Batch Processor component maytherefore delay processing of the query by the other two (2) BI tools 62sufficiently to ensure the query job can be completely processed withina common ten (10) hour window. For example, the Batch Processorcomponent may treat the three (3) jobs stemming from a common query as adelayed “batch” awaiting the availability of the backlogged BI tool 62.In a preferred embodiment, the common data timeframe may be less thaneight (8) hours and, more preferably, is less than two (2) hours.

For another example, the Batch Processor component may prioritizeprocessing of job queries in batches to optimize load balancing or thelike across the BI tools 62. One of ordinary skill will appreciate thata wide variety of algorithms and underlying logic/rules may drive batchprocessing of data retrieval jobs and the like within the scope of thepresent invention.

(D) Command Manager component. The Command Manager component may storeand implement rules for ranking responsive results in connection withpresentation to an end user by the User Interface/Application 68. Forexample, where a responsive result would normally be presented third(3^(rd)) to the end user under a default (e.g., “organic”) rankingalgorithm of the User Interface/Application 68, a business ruleimplemented by the Command Manager component may require re-ranking ofthe result to the first (1^(st)) position in the results list. Such arule may, for example, result from a business decision seeking toincrease visibility of the re-ranked result. Conversely, the CommandManager component may require lowering the ranking of a relevantresponsive result, for example where the responsive result is embodiedby a report having an undesirable aged format.

The Command Manager component may compare responsive results againstsuch rule(s) according to indexing and/or parsing techniques, forexample. Assets may be flagged as having one or more types and/or URIs,and the rule(s) may be triggered to operation upon encountering resultsexhibiting certain types/URIs. The Command Manager component may parsethe assets of responsive results for one or more content indicatorspermitting automated classification into one or more type(s) and/orURIs. For instance, the Command Manager component may parse columnheaders of a responsive result having a table structured format toautomatically classify the result as falling within an “AggregatePayment Transactions (y) Plotted Against Time (x) for Multiple MCCs”type. Also or alternatively, the Command Manager may interface with anadapter 70 to request a designation from a datasource 64 and/or adeveloper may manually provide a value during the development processdesignating the asset for identification of the aforementioned typeand/or as having a specified URI.

When a designated/classified asset appears as a result responsive to anend user query, the Command Manager component may check the type and/orURI of the asset against the rule(s), determine a match, andre-configure presentation of the result according to the rule. If nomatch is found to a rule, the Command Manager component may permitranking to proceed according to the default ranking algorithm. One ofordinary skill will appreciate that a variety of techniques forindexing/classifying and/or correlating assets and/or rules of a commandmanager component are within the scope of the present invention.

In an embodiment, business rules implemented by the Command Manager maybe applicable to certain categories of users, but not to others. Forexample, an exemplary result outlined above may be re-ranked by theCommand Manager component for end users identified as external to anorganization, but ranked according to the default ranking algorithm forinternal end users. The Command Manager component may access and/orrequest data from the access database in connection with determiningapplicability of one or more rules to an end user. A variety of rulesand parameters governing application thereof may be implemented by theCommand Manager component within the scope of the present invention.Moreover, one of ordinary skill will appreciate that many options forre-ordering and/or otherwise emphasizing results—such as placement ofone or more results in a dialog box dedicated to use by the CommandManager component—may be utilized in embodiments of the presentinvention.

(E) Search component. In conjunction with the Command Manager component,the Search component may aggregate and rank the responsive results ofeach datasource query, as described in more detail below in connectionwith FIG. 9.

(F) Mobile component. The Mobile component may manage communicationsbetween the platform 60 and computing devices 12 that comprise mobiledevices running mobile applications. That is, native mobile applicationsmay access and use the platform 60 via the Mobile component. The Mobilecomponent may embody the architecture of known mobile applicationplatforms on cloud servers—such as by running multiple users' virtualmachines in a server via a hypervisor and/or by running multiple userapplications in separate processes to provide access to the platform60—without departing from the spirit of the present invention.

(G) Notifications/FCM browser push component. The Notifications/FCMbrowser push component may communicate with the Status Manager component(discussed below) and/or reference the job database and transmit and/orinitiate notifications to users regarding job status changes, includingby configuring the appropriate channel(s), content, and timing for thenotifications.

The Notifications/FCM browser push component may include one or morerules governing notification operations. In an embodiment, theNotifications/FCM browser push component may include instructions forperiodically querying the job database for status flags requiring anotification action that has not yet been performed. TheNotifications/FCM browser push component may also at least partlymaintain the job database and/or one or more notification databases forstorage of notification preferences and data as well as status flags. Inan embodiment, a developer may define the channel(s), format, content,timing and other aspects of notifications to be made available to endusers of a User Interface/Application 68. The Notifications/FCM browserpush component may manage storage of the developer configurations and ofend user preferences.

The Notifications/FCM browser push component may utilize one or morerules, developer configuration(s) and/or end user preferences todetermine that a notification should be generated and transmitted to theend user regarding a job status. The Notifications/FCM browser pushcomponent may query the job database periodically for status flags ofone or more types that the end user has not yet been notified about. TheStatus Manager component may also or alternatively be configured toalert the Notifications/FCM browser push of each new status flag in thejob database on a rolling and/or batch basis. Exemplary status flags mayinclude “Data Available for Download,” “Job Error,” “Processing Delay,”“Request Confirmation of Run,” and so on and so forth. TheNotifications/FCM browser push component may also access developerconfiguration(s) and/or end user preference data to determine whetheridentified status flags should be notified out to the end user and, ifso, the appropriate channel(s), format, content, timing and otheraspects of such a notification. The Notifications/FCM browser pushcomponent may also consult an end user consent data field in the jobdatabase (and/or the access database) to confirm that the end user hasprovided all required consents for a notification.

For example, user preference data may indicate that a job should runautomatically as scheduled without the need for additional confirmationfrom the end user when the “Request Confirmation of Run” flag appears inthe job database. This may cause the Notifications/FCM browser pushcomponent to automatically replace the “Request Conformation of Run”flag with a “Request Processing Time from Scheduler component” flag,which may then be acted on by the Scheduler component. For anotherexample, a developer configuration may dictate that a “Job Error” statusflag should cause the Notifications/FCM browser push component toautomatically enter a new flag comprising “Request Processing Time fromScheduler Component” or to request the end user's confirmation beforeproceeding in this manner. It is foreseen that a variety of rules,status flags, developer configurations and/or personal preference datamay be utilized for automated management of notifications by aNotifications/FCM browser push component without departing from thespirit of the present invention.

Once it is determined that a notification is to be generated, theNotifications/FCM browser push component may generate the notificationaccording to developer configuration(s) and/or user preferences, forexample with respect to the channel(s), format, content, timing andother aspects of the notification. In an embodiment, the notificationmay be sent via one or more of web browser, e-mail and mobile channels.The notification may enclose one or more assets (such as data reportsand tables) and/or provide link(s) for accessing same. Also oralternatively, the Notifications/FCM browser push component may storethe link/assets (e.g., in the CDP Resource Repository) and notify theUser Interface/Application 68 of the location of the link/assets foraccess when requested by the end user.

The Notifications/FCM browser push component may provide the content ofone or more notifications to a service (e.g., a push service), alongwith destination device/address information and/or end useridentification information, for transmission/display of thenotification(s) and/or monitoring of user interactions therewith. Userinteractions with the notification may be monitored by the UserInterface/Application 68, a web browser and/or an agent associated withone or both of the foregoing. User interactions may be reported back tothe Notifications/FCM browser push component for recordation and/orresponsive actions (such as populating a status flag field with a valuecorresponding to a next stage of job processing). One of ordinary skillwill appreciate that a variety of channels and technologies, and avariety of approaches to delivery and user feedback mechanisms, arewithin the scope of the present invention.

The Notifications/FCM browser push component may also implementsensitive data business rules to scan notifications and controlredaction and/or delivery of notifications, as discussed in more detailbelow in connection with FIGS. 10-11.

(H) Status Manager component. The Status Manager component may issuedownstream job processing requests (e.g., to adapters 70 and/or BI tools62) alone or in conjunction with the Scheduler component and/or theBatch Processor component, and may at least partly maintain a job statusflag for each datasource query within the job database. Moreover, theStatus Manager component may maintain other data for each job and/or foraspects of queries other than datasource query status. For example, theStatus Manager component may maintain status flag values relating tonotification delivery and/or search result availability statuses, mayrecord values relating to access propagation (e.g., databaseidentifiers), or the like.

The Status Manager component may also issue instructions and/orotherwise transmit certain job status data upstream—e.g., to theScheduler component and/or the Batch Processor component—to changescheduling and/or prioritization of jobs. It should be noted that a“job” refers generally to an action to be performed in connection with adatasource query.

The Status Manager component may be in constant communication withadapters 70 and other components of the platform 60 in order to receive,track and/or record changes in job status from responsible devices andcomponents. For instance, each time responsive results from a datasource64 query job are received by an adapter 70, the adapter 70 is preferablyconfigured to store the received data and metadata in the CDP ResourceRepository and record a related pointer to the location of storage. Theadapter 70 may notify the Status Manager of the change in job status andprovide the pointer for storage in the job database. One of ordinaryskill will appreciate that the adapter 70 may omit passage of thepointer to the Status Manager within the scope of the present invention.It is foreseen that the Status Manager component may utilize a varietyof approaches to managing job statuses without departing from the spiritof the present invention.

(I) Object Mapper component. The Object Mapper component may work inconjunction with the Prompt Handler component to map or otherwise applyfilters (e.g., authorization and/or selected filters, also known as“prompts”) to datasource queries and/or responsive results to narrow thecontent presented to the User Interface/Application 68. The ObjectMapper component may also work in conjunction with the Schedulercomponent to determine which mapped datasource queries are schedulable.Further, the Object Mapper component may map assets exposed by BI tools62 to price or cost data evidenced by corresponding contracts oragreements (for use in results ranking as discussed in more detailbelow) and/or to types/URIs to assist the functions of the CommandManager component outlined above.

Generally, the Object Mapper component may serve as the primary mappingresource for enabling a variety of functions of the platform 60. Thatis, the Object Mapper component may at least partly maintain one or moredatabases by defining relationships between and/or functions forconverting between associated data elements. In an embodiment, theObject Mapper component may apply a function to a first data element toconvert it to a second data element, may parse data to identify a firstdata element and relate it to a second data element, may look up a firstdata element to locate an associated second data element, or mightotherwise function to interrelate and/or convert data and informationused by the platform 60. For instance, the Prompt Handler component maystore a plurality of prompts, and may request that the Object Mappercomponent map the prompts to proper corresponding datasource 64 queries.

(J) Authentication component. The Authentication component may translatedata from the common authentication management framework into identityinformation for use in connection with end user datasource queries. Inan embodiment, this includes translating a token (e.g., an SSO token)representing end user information into the identity information of theend user. The identity information may be used, for example, todetermine the access rights enjoyed by the end user through reference tothe access database and/or one or more authentication/authorizationdatabases maintained by APIs 16. One of ordinary skill will appreciatethat a variety of user information may comprise and/or be used togenerate the identity information within the scope of the presentinvention. It is foreseen that the Authentication component may functionin connection with a variety of common authentication frameworks withoutdeparting from the spirit of the present invention.

(K) Authorization component. The Authorization component may look up enduser identity information in one or more user tables and/or in theaccess database at least partly maintained by the Authorization Sourcecomponents (discussed below) or the like to determine one or more rolesassigned to the user. The Authorization component may pass the role(s)to the Prompt Handler component and/or the Object Mapper component forcontinued handling of a user datasource query. The Authorizationcomponent may also pass the roles, token, and/or identity information tothe adapters 70 for incorporation into datasource queries issued to theBI tools 62 and/or other authorization-related communications with theBI tools 62.

(L) Authorization Source components. The Authorization Source componentsmay store user tables, active directory groups, tokens or the likeand/or may at least partly maintain the access database for associatingand/or mapping users to roles, user groups and/or other groupings andmanaging access rights in connection with queries. The AuthorizationSource components may also or alternatively respond to queries foraccess rights data from the other components of the platform 60 and/orfrom the BI tools 62.

For example, in an embodiment, an adapter 70 may pass a datasource queryto a BI tool 62 with a security token and/or identity informationtranslated therefrom. The BI tool 62 may, in turn, call theAuthorization Source components with the security token and/ortranslated identity information to obtain access rights for the userand/or user group identified thereby (e.g., by reference to the usertables and/or access database).

For another example, an adapter 70 may pass a datasource query to a BItool 62, and the BI tool 62 may call the Authorization Source componentsto obtain a token associated with the user that initiated the datasourcequery. In an embodiment, the Authorization Source components may replyaccording to methodologies and/or protocols such as those provided underthe following trademarks as of the date of initial filing of the presentdisclosure: KERBEROS™ (propagated by the Massachusetts Institute ofTechnology); and Security Access Markup Language assertions (an openstandard for exchanging security credentials). The Authorization Sourcecomponents may embody an API for responding to calls from the BI tools62 substantially as outlined above. It is foreseen that a variety ofaccess authorization approaches may be implemented in embodiments of thepresent invention. In an embodiment, token generation and exchange withthe APIs 16 is in accordance with the OAuth 2.0 protocol.

(M) CDP Resource Repository component. The CDP Resource Repositorycomponent may store URIs for assets exposed by the BI tools 62 and maypass URIs corresponding to each datasource query to adapters 70. In anembodiment, the URIs include roots (e.g., default roots) for sub-spacesto be searched pursuant to datasource queries. One of ordinary skillwill appreciate that the CDP Resource Repository component may also actas a database cache and/or other memory for storing additional datarequired for operation of embodiments of the present invention.

(N) Self-Service component. The developer may choose to provide endusers with access to the Self-Service component to enable furthercustomization of responsive results presented to the end users. Forexample, an end user may be able to select from among the BI tools 62enabled by the developer, customize report formatting, or otherwiseconfigure and/or reconfigure the User Interface/Application 68 using theSelf-Service component.

Turning specifically to FIG. 6, a CDP Admin UI 72 may be embodied,controlled and/or executed by the computer 10. The CDP Admin UI 72 maybe configured to add, update and/or delete access rights. Moreparticularly, the CDP Admin UI 72 may include and/or provide access toconceptually and/or programmatically delineated programs and/orsubroutines for performing one or more such functions. In theembodiments of FIGS. 6-7, these may include App User Management, RoleManagement and FGA Management components of the platform 60.

The App User Management component may permit an administrator to grantuser access to particular user applications and/or groups of userapplications (i.e., “domains”). The users may access and use suchapplications to issue and/or manage datasource 64 queries via computers12. In an embodiment, the App User Management component may beconfigured to at least partly manage the access database, which may bestored in the CDP Resource Repository component and/or the memoryelement 24. The access database may comprise and/or cooperate withaspects of the Authorization Source component and/or the commonauthentication framework.

The access database may comport with role-based access control,discretionary access control, mandatory access control, other accesscontrol strategies and/or combinations thereof without departing fromthe spirit of the present invention. One of ordinary skill willappreciate that various structures for maintaining access control lists,groupings and/or permissions carry unique advantages and disadvantages.For instance, role-based access control may permit more granular accesscontrol for groups of people, whereas access control lists may besuperior where individuals tend to require unique access separate andapart from a definable role. Moreover, the maintenance and storage ofsuch access management frameworks may be dispersed across variouscomponents of the platform of embodiments of the present inventionand/or the APIs 16 without departing from the spirit of the presentinvention. One of ordinary skill will appreciate that embodiments of thepresent invention may vary in the structure and disposition of accesscontrol mechanisms utilized for querying restricted-access databases.

In an embodiment, the access database may include a plurality ofrecords, each record being keyed to at least one of a user, a group ofusers, an application and/or a group of applications. Each record mayalso include fields defining relationships between the user(s) and/orapplication(s). Relationships between users may be defined at least inpart by user group designation(s), such as where each user group isgiven a user group designation code and fields of records identifyingmembers of the same user group are populated by the same user groupdesignation code. Relationships between applications may be defined atleast in part by application group designation(s), such as where eachapplication group is given an application group designation code andfields of records identifying applications of the same application groupare populated by the same application group designation code.

Identifiers corresponding to each user, user group, application and/orapplication group may populate the records of the access database todefine access relationships. Moreover, additional flags indicating alevel of access may be appropriate for more fine-tuned access control.For instance, relationships between user(s) and application(s) may bedefined at least in part by the App User Management component byapplying one or more access right level flag(s), such as “Permitted,”“Permitted-Restricted,” “Denied” and/or other such designations to therecords of the access database.

In an embodiment, each individual identified for use of the platform 60may be identified personally (such as by a unique individual systemidentifier (ID)). The individual ID may serve as the primary key foreach record of the access database. Each record may include fieldspopulated with one or more of the following: user group designation(s),application designation(s) and/or application group designation(s). Oneor more of the aforementioned designation(s) may include correspondingsub-fields, for instance containing values or flags defining accesslevel(s) such as those outlined above for each application orapplication group.

The App User Management component may instruct display of the records ofthe access database at the computer 10, e.g., at the CDP admin UI 72.For example, the App User Management component may organize the recordsoutlined above into meaningful groupings within one or more fields ortiles on the display 30 and/or CDP admin UI 72. The App User Managementcomponent may include filters, indexing, search and/or otherfunctionalities to assist a CDP admin user in assigning, deleting and/ormodifying access rights. The App User Management component may utilizethe CDP admin UI 72 to define and/or re-define relationships betweenuser(s) and application(s). In an embodiment, the CDP admin user mayconduct a drag-and-drop operation to move a designation representing auser/user group (i.e., individual ID, user group designation, or thelike) and a designation representing an application/application group(i.e., application designation, application group designation, or thelike) into the same field. This may signify grant to the user/user groupof access rights to the application/application group, which may berecorded in the affected records of the access database. One of ordinaryskill will appreciate that a wide variety of grouping and combinatorialapproaches, user interface elements, and access definitions may beimplemented in a platform to signify the granting of access rightswithin the scope of the present invention.

The Role Management component may permit a CDP admin user to assignroles to users and/or user groups and to assign fine grain access (FGA)to roles, as described in more detail below in connection with FIG. 8. Arole may be defined to include users/user groups performing a jobfunction and/or capacity, to include users/user groups having need of atype of access (e.g., “read only”), and/or may be otherwise definedaccording to a common characteristic. Generally, roles may correspond touser groups discussed above and/or may represent independent groupingswithout departing from the spirit of the present invention. Forinstance, a user may be in a user group referenced for purposes ofdefining broad-level application access rights and may be independentlyassigned one or more roles for purposes of defining data, report and/ortool access at the level of FGA (see discussion below). Moreover, rolesand user groups may be defined with respect to one another, such aswhere a plurality of user groups are assigned to a role, and/or whereone or more roles are assigned to a user group, in each case providing amore efficient way of automatically exporting access rights for endusers. In an embodiment, placing a user group within a role may causethe platform 60 to automatically grant the individuals within the usergroup the FGA rights associated with the role. Membership of a userwithin a user group may determine access to and use of a UserInterface/Application 68 more broadly, and assignment to a role maydetermine the data and/or data format(s) the user may access via theUser Interface/Application 68. A role may also or alternatively beidentical to a user group in terms of membership and/or FGA rightswithout departing from the spirit of the present invention.

The FGA Management component may permit a developer to group assets ofone or more BI tools 62 together and assign them to one or more role(s)as a form of FGA definition, thereby consolidating access definitionsfor the grouped assets under the assigned role(s). FGA may include aplurality of relatively detailed definitions for permitted data and/ordata format access. For example, FGA may define a data type and/orreport format type within and/or comprising an asset, and may associatethat definition with one or more roles. For another example, FGA may bemanually defined during development of a User Interface/Application 68to encompass a plurality of assets on a related topic. The definition ofFGA and the assignment to one or more roles will be discussed in moredetail below in connection with FIG. 8.

The Admin UI 72 may be utilized to at least partly build a UserInterface/Application 68 (and/or its BI tool components 66) and/or atany other time to generate, delete and/or modify the accessrelationships outlined herein. For instance, an administrator and/ordeveloper may utilize the Admin UI 72 to update access relationships forassets that are deleted or added following an initial setup and/or buildprocess for the User Interface/Application 68. The Admin UI 72 mayreceive administrator and/or developer selections and provide them tothe adapters 70 in real time for FGA definition and role assignment. Itis foreseen that FGA may be assigned directly to one or more userswithout departing from the spirit of the present invention. One ofordinary skill will appreciate that functions outlined above andelsewhere herein and performed by depicted units of the Admin UI 72 maybe otherwise distributed thereamong and/or performed by other program(s)without departing from the spirit of the present invention. The CDPCustom Authorization sub-component (see FIG. 5), the BI tools 62, theaccess database, other components and/or a combination of the foregoingmay store the user, role and/or FGA definitions.

Returning to FIG. 7, External Authorization info may comprise or providedata obtained from third party databases and mapped to roles, usersand/or user groups defined within the access database (e.g., within usertables). For example, where an external client user accesses theplatform 60 to conduct one or more datasource queries, the platform 60may look up or attempt to look up the external client user in the accessdatabase and may discover that a required role and/or FGA for completingthe query is completely or partially undefined in and/or missing fromthe access database. That is, a parameter, argument and/or access rightmay be either missing or at least partly incomplete. The AuthorizationSource components may query the External Authorization info (e.g., viaan API providing access to the External Authorization info). The callmay pass an authentication token submitted when the external client userwas initially authenticated by the platform 60 and/or other identityinformation, and may request additional data regarding themissing/partially incomplete parameter, argument and/or access rights ofthe external client user. The External Authorization info may includethe requested data, which may be mapped to and/or otherwise incorporatedinto the access database and/or the datasource 64 query.

For example, where the platform 60 is maintained by a payment network,and the external client user is an authenticated employee of a financialinstitution, a database query for certain transaction data issued by theexternal client user may require that a more particular identifier(e.g., an Interbank Card Association number (ICA)) be passed with thequery in order to fully define corresponding access rights to processthe query. The platform 60 may note that the ICA is missing from theaccess database and may request that the External Authorization inforesiding at the financial institution's servers be queried for samebefore proceeding to issue a query to the BI tools 62. Also oralternatively, the missing argument or parameter may be identifiedfollowing submission of the query to the BI tools 62, causing theAuthorization Source components to seek the External Authorization info.It is foreseen that a wide variety of External Authorization info may beconsumed and relied on, at least in part, to support authenticationand/or authorization functions without departing from the spirit of thepresent invention.

Through hardware, software, firmware, or various combinations thereof,the processing elements 22, 32, 52 may—alone or in combination withother processing elements—be configured to perform the operations ofembodiments of the present invention. Specific embodiments of thetechnology will now be described in connection with the attached drawingfigures. The embodiments are intended to describe aspects of theinvention in sufficient detail to enable those skilled in the art topractice the invention. Other embodiments can be utilized and changescan be made without departing from the scope of the present invention.The system may include additional, less, or alternate functionalityand/or device(s), including those discussed elsewhere herein. Thefollowing detailed description is, therefore, not to be taken in alimiting sense. The scope of the present invention is defined only bythe appended claims, along with the full scope of equivalents to whichsuch claims are entitled.

Exemplary Computer-Implemented Access Unification Method

FIG. 8 depicts a flowchart including a listing of steps of an exemplarycomputer-implemented method 100 for access unification. The steps may beperformed in the order shown in FIG. 8, or they may be performed in adifferent order. Furthermore, some steps may be performed concurrentlyas opposed to sequentially. In addition, some steps may be optional.

The computer-implemented method 100 is described below, for ease ofreference, as being executed by exemplary devices and componentsintroduced with the embodiments illustrated in FIGS. 1-7 and 9-10. Forexample, the steps of the computer-implemented method 100 may beperformed by the computer 10, the server 14 and the network 20 throughthe utilization of processors, transceivers, hardware, software,firmware, or combinations thereof. However, a person having ordinaryskill will appreciate that responsibility for all or some of suchactions may be distributed differently among such devices or othercomputing devices without departing from the spirit of the presentinvention. One or more computer-readable medium(s) may also be provided.The computer-readable medium(s) may include one or more executableprograms stored thereon, wherein the program(s) instruct one or moreprocessing elements to perform all or certain of the steps outlinedherein. The program(s) stored on the computer-readable medium(s) mayinstruct the processing element(s) to perform additional, fewer, oralternative actions, including those discussed elsewhere herein.

Referring to step 101, a developer may select an application andactivate a role management component of a platform. In an embodiment,the developer may utilize the CDP admin UI to activate the RoleManagement component of the platform 60 and, in conjunction, may beginor continue development of the User Interface/Application 68. Theselected User Interface/Application 68 may be developed for use by endusers within a topic area, such as “Fraud Detection.” It is, however,foreseen that a user interface/application may be developed around anyone or more topics without departing from the spirit of the presentinvention.

Referring to step 102, the developer may choose a plurality of tools foruse with the application. In the exemplary embodiment, the selectedtools may comprise BI tool 1 and BI tool 2 of the BI tools 62. In anembodiment, BI tool 1 and BI tool 2 comprise APIs 16. Correspondingfeatures of the User Interface/Application 68 developed by the developermay be referred to as “BI tool 1 component” and “BI tool 2 component” ofthe BI tool components 66.

Referring to step 103, the developer may be prompted to or may otherwisechoose to cycle through a series of steps (104-109) once for eachselected tool. In the exemplary embodiment, the cycle is repeatedtwice—once for each of BI tool 1 and BI tool 2—as outlined below. Thesteps may be carried out by the CDP Admin services discussed above.

Referring to step 104, it may be determined whether there is apre-programmed or otherwise readily available sub space or startingpoint for the present BI tool 62. That is, it may be determined whetherthe application is pre-programmed with and/or may otherwiseautomatically determine a sub space or starting point pointing to one ormore pertinent resources on the BI tool 62 and/or datasource 64. In theexemplary embodiment, a sub space containing “Transaction Records” maybe considered pertinent.

If a sub space is automatically determined according to step 104,according to step 105 the sub space is set as the root (i.e., a subspace URI under which provisionable assets may be found) for the presentBI tool component 66. If not, according to step 106 the developer mayselect a default root for CDP configuration settings.

Referring to step 107, provisionable assets may be retrieved from thepresent BI tool 62 (via the corresponding adapter 70) using the rootdeveloped according to the above. The retrieved assets may comprise alisting of asset summaries, the assets themselves and/or a combinationof the foregoing. The retrieved assets may be displayed at the CDP adminUI.

Referring to step 108, the retrieved assets may be reviewed by thedeveloper, and the developer may select all or some for assignment to arole. In the exemplary embodiment, retrieved assets at the root of thepresent BI tool 62 may be reviewed for relevant BI data such as reportsand/or data relating to fraud detection, and the developer may selectsame for inclusion in the present BI tool component 66.

The developer may also use the CDP Admin services to make morefine-grained selections of how and what selected report(s)/data may beprovisioned by the User Interface/Application 68 when used by one ormore end users. For example, the developer may confine the scope of anend user's access and/or define one or more filters and/or automaticallyappended metadata for use in narrowing the portion(s) of the selectedassets the end user(s) may be provided access to.

Returning to an embodiment discussed above, the developer may configurethe User Interface/Application 68 to require that an argument beprovided indicating the ICA associated with any external client userbefore querying the present BI tool 62, effectively narrowing the dataprovided in the responsive results by ICA. One of ordinary skill willappreciate that any number of filters and/or parameters/arguments may beconfigured by the developer for operation with BI tool components withinthe scope of the present invention.

For another example, the developer may designate one or more typecategorizations and/or URIs in connection with one or more of theselected assets for consumption by the Command Manager component, asdiscussed in more detail above. For yet another example, the developermay configure the channel(s), format, content, timing and other aspectsof notifications to be made available to end users of a UserInterface/Application 68. It is foreseen that any number of additionaldetails may be specified with respect to selected assets—including byadding additional metadata regarding the selected assets to enableoperation of other components of the platform 60—without departing fromthe spirit of the present invention.

Referring to step 109, it may be determined whether any additionalassets are provisionable by the designated tools, and the cycledescribed above may be repeated for each remaining designated tool forwhich asset selection has not been completed. In the exemplaryembodiment, the steps 103-109 are repeated twice—once each for BI tool 1and BI tool 2. If no additional selected tools remain to be addressed,the method may proceed from the cycle of steps 103-109.

Referring to step 110, the platform 60 may consolidate the selectedassets and create FGAs representing same. That is, the developerselections, configurations, and metadata gathered during development ofthe BI tool components 1, 2 may be consolidated for collectiveinvocation in response to queries. In the exemplary embodiment, all ofthe developer selections, configurations, and metadata gathered duringdevelopment of the BI tool components 1, 2 may be consolidated andidentified for collective use by the User Interface/Application 68. Moreparticularly, the unique set of assets and related configurations andmetadata may be consolidated for use as “Fraud Detection” data availablevia the User Interface/Application 68.

Referring to step 111, adapters corresponding to the tools providing theselected assets may be invoked to create appropriate role assignment(s).In the exemplary embodiment, this may include each adapter 70instructing the Object Mapper to associate one or more FGAs defined atleast in part by the developer with a selected and/or new roledesignated by the developer, for example in the access database, the CDPResource Repository component, and/or at each implicated BI tool 62storing end user access data. The adapter(s) 70 may also pass referenceinformation to the BI tool(s) 62 to enable the BI tool(s) 62 tospecifically request end user rights data from the access database toauthorize end user queries.

Each adapter 70 may additionally configure an appropriate query forretrieving selected assets—according to the developer'sselections/configurations/FGAs—from the corresponding BI tool 62 and/ormay instruct the Object Mapper to associate one or more types and/orURIs with one or more of the selected assets for use by the CommandManager. It is foreseen that a number of operations may be performed toconvert the consolidated assets and associated configurations/settingsselected by the developer into scripted instructions and databaseentries (for example) that may be automatically executed by the UserInterface/Application 68 each time the selected assets are requested byan end user.

Referring to step 112, each adapter may confirm completion and return a“Complete” status indicator to the developer. The developer may,according to embodiments of the present invention, utilize the platform60 to unify access to provisionable assets across a plurality of BItools 62 employing a plurality of datasource structures, syntaxes,formats, languages or the like. Individual configurations, settingsand/or FGAs may be defined once by the developer and propagatedautomatically across the various BI tools 62 into automated scripts anddatabase entries for automated querying of restricted-access datasources64 upon end user demand. Further, data filters and queries issued by theend user may be automatically propagated across the various BI tools 62for automated querying of restricted-access datasources 64.

The method may include additional, less, or alternate steps and/ordevice(s), including those discussed elsewhere herein. For example, inembodiments where at least some end user authentication/authorizationinformation is stored at the level of BI tools 62, the Admin servicesmay be configured to automatically propagate any changes to an enduser's authentication/authorization information across such BI tools 62.An administrator may edit the access database to reflect a change in anend user's status and/or authentication/authorization. The end user mayremain in the same role, but may be assigned a new or alternative ICAwhich may be input by the administrator into the access database. Theend user may switch roles and the administrator may input the new roleinto the access database. In each case, the Admin services and/ordatabase management software may be configured to automatically set apropagation flag noting the change by the administrator and/or theadministrator may make a manual selection of a desire for further actionto be taken based on the change. The Admin services may also beconfigured to automatically propagate the changes to the end user'sauthentication/authorization from the access database based on the flag.For instance, the Admin services may periodically or continuously scanthe access database for flags denoting unpropagated changes in one ormore fields of the access database. For each such field referenced by achange flag, the Admin services may automatically invoke the adapters 70and request that instructions be conveyed for corresponding revisions toend user access rights stored by each such BI tool 62.

Exemplary Computer-Implemented Database Query Method

FIG. 9 depicts a flowchart including a listing of steps of an exemplarycomputer-implemented method 200 for search aggregation, querypropagation and result ranking. The steps may be performed in the ordershown in FIG. 9, or they may be performed in a different order.Furthermore, some steps may be performed concurrently as opposed tosequentially. In addition, some steps may be optional.

The computer-implemented method 200 is described below, for ease ofreference, as being executed by exemplary devices and componentsintroduced with the embodiments illustrated in FIGS. 1-7 and 9-10. Forexample, the steps of the computer-implemented method 200 may beperformed by the computers 10, 12, the servers 14, the APIs 16 and thenetworks 18, 20 through the utilization of processors, transceivers,hardware, software, firmware, or combinations thereof. However, a personhaving ordinary skill will appreciate that responsibility for all orsome of such actions may be distributed differently among such devicesor other computing devices without departing from the spirit of thepresent invention. One or more computer-readable medium(s) may also beprovided. The computer-readable medium(s) may include one or moreexecutable programs stored thereon, wherein the program(s) instruct oneor more processing elements to perform all or certain of the stepsoutlined herein. The program(s) stored on the computer-readablemedium(s) may instruct the processing element(s) to perform additional,fewer, or alternative actions, including those discussed elsewhereherein.

Initially, a datasource query may be initiated. An end user may access aUser Interface/Application 68 to initiate the query, an automatedScheduler component may initiate the query, another server may initiatethe query, or the query may be otherwise initiated within the scope ofthe invention. The datasource query may comprise descriptive dataregarding assets an end user would like to retrieve at least in part bysearching one or more restricted-access datasources 64. In anembodiment, the end user may access the User Interface/Application 68 toenter and/or select search criteria (e.g., a natural language searchstring) that causes initiation of the datasource query. For example, theend user may submit “debit transaction summary” as a search string intothe User Interface/Application 68 built for “Fraud Detection.”

Referring to step 201, the datasource query may be passed to anAuthentication Layer of the platform 60, which may validate the enduser. In an embodiment, the Authentication Layer may comprise and/orwork in conjunction with the Authentication component of the platform 60discussed above. For example, a security token associated with the enduser (whether submitted in-session or stored in association with thequery) may be validated. One of ordinary skill will appreciate that theAuthentication Layer may validate the end user in connection with thedatasource query according to a variety of protocols within the scope ofthe present invention.

Referring to step 202, the datasource query may be passed to anAuthorization Layer, which may comprise and/or operate in conjunctionwith the Authorization component, the Prompt Handler component and/orthe Object Mapper component discussed above and may add provisioningdetails for the end user in context. For instance, the provisioningdetails may cause otherwise responsive data and/or data types to befiltered from results presented to the end user because of insufficientaccess rights. In an embodiment, the platform 60 may obtain identityinformation translated from a token presented by the end user accordingto the common authentication management framework discussed above. Theplatform 60 may look up the identity information in the access database(and/or in a user table) to match the identity information against aknown individual and/or group and retrieve associated roles and/or FGAs.The retrieved roles and/or FGAs may be appended as metadata to thedatasource query or otherwise passed in connection with the datasourcequery.

The Authorization Layer may append other metadata and information to thedatasource query. For instance, the appended metadata may includeresource path information for each BI tool 62 and/or datasource 64 to bequeried, which may be formatted as a sub-space address or root withoutdeparting from the spirit of the present invention. Such metadata may beprovided by the CDP Resource Repository component. It is foreseen thatthe Authorization Layer may append additional metadata to aid in thesubmission of the datasource query to the BI tools 62 and/or in theinterpretation and/or ranking of results without departing from thespirit of the present invention.

Referring to step 203, the Authorization Layer may—alone or inconjunction with the Notifications/FCM browser component—validate thesearch query for sensitive information. In an embodiment, theAuthorization Layer and/or Notifications/FCM browser component mayimplement sensitive data business rules to scan the appended query andcontrol rejection, redaction, replacement and/or submission operationsaccording to the rules. The Authorization Layer may validate the searchquery utilizing an approach similar to that outlined below in connectionwith FIGS. 10-11 or may utilize other approaches without departing fromthe spirit of the present invention.

Referring to step 204, the appended query may be passed to a ResourceRouter Layer, which may invoke downstream adapters that correspond to BItools to be invoked by the appended query. For instance, the developerof the User Interface/Application 68 may have respectively designatedsubspaces of BI tools 1, 3 and 4 for searches of the type initiated bythe end user, but the provisioned role/FGA information of the appendedquery may not include access to the data of BI tool 3. The ResourceRouter Layer may therefore invoke downstream adapters 70 correspondingto BI tools 1 and 4 (and not BI tool 3). One of ordinary skill willappreciate that many protocols and methodologies for routing queriesacross multiple APIs according to this description may be within thescope of the present invention.

Each invoked adapter 70 may translate the appended query according tothe syntax, data, format and/or language requirements of thecorresponding queried BI tool 62. For instance, each invoked adapter maytranslate a natural language search string of the end user to aproperly-formatted string query including parameters, arguments and/orresource names appropriate for the corresponding BI tool 62. In anembodiment, end user selections and/or queries may be translated to moreappropriate input for each BI tool 62 using, for example, semanticmatching operator software such as open source S-MATCH™ tools offered asof the filing date of this disclosure under a Lesser General PublicLicense and/or according to mappings stored and implemented by theObject Mapper component. For instance, an adapter 70 may bepre-configured to utilize a semantic matching operator and/or the ObjectMapper component to translate one or more words or phrases of naturallanguage search strings to correspond more closely or exactly to theparameters, arguments, resource names and/or identifiers employed by theBI tool 62. As a particular example, the adapter 70 may bepre-configured—e.g., through accessing records describing theprovisionable assets located according to processes outlined above—totranslate “cardholder events” into “Transaction Records” and therebyreduce false negative search results.

The translated queries may respectively be submitted—along with resourcepath information and/or authentication/authorization information asappropriate—to each of the queried BI tools 62. The adapter(s) 70 and/orthe Authorization Layer may also be configured to satisfy any recurringauthentication/authorization protocols implemented by the various BItools 62, for example by periodically renewing and/or refreshingsecurity tokens to maintain access rights and privileges. In anembodiment, authorization information—e.g., the retrieved roles and/orFGAs determined according to the end user's identity information andappended to the datasource query as described above—may be relied on forgeneration of a plurality of security tokens respectively correspondingto each of the queried BI tools 62.

The queried BI tools 62 may respectively process the translatedquery—including by completing associated authentication/authorizationoperations described elsewhere herein—to generate lists of results. Thequeried BI tools 62 may incorporate the search string, role/FGAinformation, subspace resource paths and other information into searchoperations. One of ordinary skill will appreciate that the search may beconducted by the BI tools 62 in any number of ways—consistent with thecorresponding translated query—within the scope of the presentinvention. That is, APIs may implement a wide variety of retrievalmethodologies and processes without departing from the scope of thepresent invention. In an embodiment, existing text search tools offeredby vendor BI tools 62 may be utilized.

Each list of results may, for example, include a plurality of entries.Each entry may refer to or include a data set matching the translatedquery. Each entry may include metadata about the data set and/or theoriginating resource path and/or BI tool 62. Each entry may also includea synopsis or snapshot of a small portion of the data set for optionalpresentation to the end user. It is foreseen that a wide variety ofmetadata may be appended to and/or made available with the resultswithout departing from the spirit of the present invention. In anembodiment, the queried BI tools 62 may add a unique identifier to eachretrieved entry.

The queried BI tools 62 may transmit the lists of entries to thecorresponding adapters 70. The corresponding adapters 70 may translatethe lists of entries into a universal format determined by the platform60 broadly and/or developer settings more particularly. For example, theadapters 70 may be configured to translate and/or reconfigure the listsof entries so as to conform with a universal format for internal use bythe platform 60. In an embodiment, originating resource path and/or BItool 62 metadata may be added to each entry and/or each list of resultsby the corresponding adapters 70.

Referring to step 205, the adapters 70 may pass the translated resultslists to a Search Aggregator component, which may analyze the resultslists and append metadata thereto. For example, the Search Aggregatorcomponent may reformat resource path information received from thecorresponding adapter 70 into a destination address for each entry(e.g., providing a link for end user interaction/retrieval). For otherexamples, the Search Aggregator component may append metadata theresults regarding: usage metrics regarding previous user requests foreach entry (e.g., as measured across all users of the platform 60 overtime), which may be categorized by user role and/or group identification(e.g., to facilitate better-tailored ranking by relevance to the enduser); access time and date metrics of at least some of the foregoingusage data (e.g., to prioritize ranking of entries more recentlypopular); costs associated with end user access/use (e.g., as determinedunder one or more data licenses); age of the asset format or typerepresented by each entry (e.g., newer resource/asset types may beranked higher); average user access level/role metrics; and the like.Other metadata useful for ranking, linking and/or presentationoperations may be appended by the Search Aggregator component withoutdeparting from the spirit of the present invention.

Referring to step 206, the Search Aggregator component may pass theappended results lists to a Search Ranking component. The Search Rankingcomponent may consume the results lists and appended metadata togenerate—alone or in conjunction with the Command Manager component—oneor more ranked lists. For instance, the Search Ranking component mayexecute a default ranking algorithm employing weighted factorsrepresenting and/or consuming the appended metadata outlined above. TheSearch Ranking component may also incorporate any rules propagated underand/or may implement the instructions of the Command Manager componentto override the ranking output by the default algorithm.

One of ordinary skill will appreciate that any number of weightingsand/or factors may be implemented in the ranking algorithm within thescope of the present invention. For instance, standard relevance rankingfactor(s) may be incorporated into the default ranking algorithm withoutdeparting from the spirit of the present invention. It is foreseen thatthe various factors, weightings, rules and the like implemented bySearch Ranking component may be selected by the developer and/or bydefault according to platform 60 settings without departing from thespirit of the present invention. Moreover, one of ordinary skill willappreciate that one or more ranked lists may be output by the SearchRanking component without departing from the spirit of the presentinvention. In an embodiment, a single combined list of results (entries)commonly ranked under the algorithm may be output by Search Ranking.

The output search result list(s) of entries may be passed to the UserInterface/Application 68 and/or via one or more notification channelsfor display to the end user and/or storage on an end user electronicdevice 12. Each entry may include a title, synopsis and/or destinationaddress. Each entry may include more or fewer metadata without departingfrom the spirit of the present invention.

The end user may be permitted to select one or more of the entries, andto take further action as permitted according to developer settings. Forexample, the end user may click a link associated with an entry to visitthe destination address for the entry and view the corresponding dataset. For another example, the end user may select the entry andconfigure a recurring datasource query (e.g., in the form of a recurringreport including the selected data set as it exists within thecorresponding datasource 64 at each recurrence). For still anotherexample, the end user may be permitted to configure one or morenotifications for transmission when triggered by one or more statuschanges relating to processing of such recurring query(ies) (seediscussion of the Notifications/FCM Browser Push component above and ofFIGS. 10-11 below). The end user may select one or more channel(s),provide content for body message(s) and/or one or more notificationtitle(s), select all or some fields that should be included to representresponsive results and/or metrics, apply one or more markers to one ormore fields, and perform other customizations, selections and/orconfigurations. Some or all aspects of configuring notifications may beshifted from developer to end user (or vice versa) without departingfrom the spirit of the present invention. One of ordinary skill willappreciate that an end user may be permitted a variety of uses of theentries and/or the underlying datasets within the scope of the presentinvention.

According to embodiments of the present invention, individual filters,search queries, user login operations and the like may be input once bythe end user and propagated automatically as search queries across thevarious BI tools 62. Moreover, responsive results may be automaticallygathered from the various BI tools 62 and translated, converted and/orotherwise reformatted into a common form and ranked by the platform forpresentation to the end user. The method may include additional, less,or alternate steps and/or device(s), including those discussed elsewhereherein.

Exemplary Computer-Implemented Secure Notification Method

FIG. 11 depicts a flowchart including a listing of steps of an exemplarycomputer-implemented method 300 for generating and transmitting jobstatus notifications to end users. The steps may be performed in theorder shown in FIG. 11, or they may be performed in a different order.Furthermore, some steps may be performed concurrently as opposed tosequentially. In addition, some steps may be optional.

The computer-implemented method 300 is described below, for ease ofreference, as being executed by exemplary devices and componentsintroduced with the embodiments illustrated in FIGS. 1-7 and 9-10. Forexample, the steps of the computer-implemented method 300 may beperformed by the computers 10, 12, the servers 14, the APIs 16 and thenetworks 18, 20 through the utilization of processors, transceivers,hardware, software, firmware, or combinations thereof. However, a personhaving ordinary skill will appreciate that responsibility for all orsome of such actions may be distributed differently among such devicesor other computing devices without departing from the spirit of thepresent invention. One or more computer-readable medium(s) may also beprovided. The computer-readable medium(s) may include one or moreexecutable programs stored thereon, wherein the program(s) instruct oneor more processing elements to perform all or certain of the stepsoutlined herein. The program(s) stored on the computer-readablemedium(s) may instruct the processing element(s) to perform additional,fewer, or alternative actions, including those discussed elsewhereherein.

Referring initially to the flowchart of FIG. 10, a secure notificationmethod of embodiments of the present invention may generally beperformed via end user or consumer applications, a notification service,a status manager, a cloud notification hub, a simple mail transferprotocol (SMTP), and/or a FIREBASE® cloud messaging (FCM) push server orthe like. (FIREBASE® is a registered trademark of Google, Inc.) In anembodiment, the consumer application may comprise and/or work inconjunction with the User Interface/Application 68, the notificationservice may comprise and/or work in conjunction with theNotifications/FCM browser push component of the platform 60, and thestatus manager may comprise and/or work in conjunction with the StatusManager component of the platform 60.

Referring to step 301, a notification request may be initiated. In anembodiment, this may comprise an end user input to and/or an output ofan automated function of, the User Interface/Application 68. Asdiscussed in more detail above, the Notifications/FCM browser pushcomponent may receive the notification request. The notification requestmay include specification of one or more of the appropriate channel(s),content, timing and other characteristics of the requestednotification(s).

Referring to step 302, the notification service may await a job statuschange corresponding to the notification request. For example, if thenotification request relates to an end user's desire to be notified onceresults of a datasource 64 query become available, the Notifications/FCMbrowser push component may implement a rule for monitoring a data fieldof the job database for a “Query Processed—Results Available” statusflag, alone and/or in conjunction with the Status Manager component.

The Notifications/FCM browser push component may also direct storage ofthe channel(s), content, timing and other characteristics of therequested notification(s) in the job database in association with thejob(s) being monitored. In an embodiment, the characteristics of therequested notification(s) may be at least partly determinedautomatically by default settings for the requested notification(s)and/or by end user or developer input.

In an embodiment, the developer and/or end user may designate one ormore fields of a notification and/or of responsive results withsensitive data markers. The sensitive data markers may be standardmarkers configured for use across the platform 60 according to a commonsyntax. For instance, each developer and/or end user may be provided anoption to tag—via the Application UI Layer and/or the CDP admin UI—oneor more text fields with one or more standardized markers recognized bythe Notifications/FCM browser push component. In an embodiment, themarkers may comprise: “Sensitive—Always Redact,” “Sensitive—RedactInsecure Channels,” “Sensitive—No Redaction/Ignore,” and so on and soforth.

The markers may be data-agnostic. That is, the markers may be applied tophysically empty text fields with the understanding that once anotification is generated and/or responsive results are retrieved, thetext that will populate the marked fields will be of the varietyindicated by the marker. The markers may also be conditioned on the dataultimately populating a text field. For instance, the developer and/orend user may configure and/or select one or more rules for parsing thedata ultimately populating a text field of a notification, for exampleusing a marker labeled “Conditionally Sensitive—Check for SocialSecurity Number.” In this manner, the end user and/or developer mayfine-tune the parsing operations of the Notifications/FCM browser pushcomponent to save processing time and produce fewer false positivesand/or false negatives. Further, the notification(s) may contain stocktext and/or data that will always appear—such as an end user employee'sinternal ID number—and such text field(s) may therefore be confidentlylabeled with a marker (e.g., “Sensitive—Redact Insecure Channels”). Oneof ordinary skill will appreciate that a variety of markers and fieldsmay be implemented within the scope of the present invention.

Markers may be stored at the direction of the Notifications/FCM browserpush component in the job database. It is foreseen that the markers maybe stored elsewhere—such as in the CDP Resource Repositorycomponent—and/or at the direction of a different component of theplatform 60 without departing from the spirit of the present invention.

Referring to step 303, once the appropriate status occurs thenotification service may determine one or more channels for notificationdelivery. In an embodiment, the Notifications/FCM browser push componentmay identify the “Query Processed—Results Available” flag in a field ofthe job database corresponding to the monitored job and may referenceone or more other fields of the record to determine one or more channelsthrough which to send the requested notification. For example, the enduser may have requested notifications be provided via web browser, emailand mobile mediums. The Notifications/FCM browser push component mayalso receive and/or generate an initial version of the content of therequested notification—e.g., in the form of a body message and,optionally, all or some of the responsive results. The initial versionof the content may be generated at least in part by referencing therequested notification metadata outlined above and stored in the jobdatabase.

For example, the body message may populate one or more text fields,reading: “Hello [Insert End User Name], Your [Insert Data Report Title]has been updated for the month of [Insert Data Timeframe] and is nowavailable at [Insert URI]. The Report may be accessed using your [InsertEmployee ID#] username and password.” Exemplary responsive resultsand/or summarized data fields and/or metrics may be included with thebody message in one or more text and/or graphical fields, for example.One or more of the aforementioned fields—for example, [Insert EmployeeID#]—may be designated by the developer with a marker such as“Sensitive—Redact Insecure Channels.”

Referring to step 304, the initial version of the content of therequested notification may be analyzed for markers, for example as partof a notification finalization process. In an embodiment, theNotifications/FCM browser push component may first scan the initialversion of the content and identify one or more markers placed by theend user and/or according to developer customization(s). For example,the marker “Sensitive—Redact Insecure Channels” attached to the [InsertEmployee ID#] text field may be recognized and recorded for potentialfuture action. For another example, a customized marker such as“Conditionally Sensitive—Check for Social Security Number” may berecognized as attached to a responsive results summary field of theinitial version of the notification and recorded.

Referring to step 305, the initial version of the content of therequested notification may be analyzed more generally for contentdetermined to be “sensitive” according to one or more rules. TheNotifications/FCM browser push component may implement a variety ofrules for parsing text data or the like to identify likely sensitivedata. In an embodiment, pattern matching algorithms—such as brute force,linear-time exact, regular expression algorithms or the like and/orcombinations of the foregoing—may be employed to detect sensitiveinformation in the initial version of the content. For example, data maybe of the form XX/XX/XXXX—where “X” represents a number—and thereforemay be marked as potentially being a date of birth. For another example,data may be of the form XXX-XX-XXXX and therefore may be marked aspotentially being a social security number. The Notifications/FCMbrowser push component may also implement one or more algorithmsaccording to developer/end user markers, such as where a particularalgorithm for recognizing social security numbers is utilized to scanthe field marked by the developer/end user with “ConditionallySensitive—Check for Social Security Number.” One of ordinary skill willappreciate that a wide variety of algorithms and automated functions maybe used to identify potentially sensitive data within the scope of thepresent invention.

Referring to step 306, the results of scanning the initial version ofthe content may be used to determine whether any additional, unmarkedsensitive content was found. Referring to step 307, markers may be addedto reflect the results. If one or more scanning algorithms identifyactual or likely sensitive data in one or more fields of the initialversion of the requested notification, the Notifications/FCM browserpush component may apply a marker to the field(s) according to one ormore rule(s). For example, fields considered likely to contain socialsecurity number(s) may be marked “Sensitive—Always Redact” whereasfields considered likely to contain customer account numbers may bemarked “Sensitive—Redact Insecure Channels.”

Referring to step 308, a series of actions may be initialized tofinalize a notification for each subscribed channel. In an embodiment,the Notifications/FCM browser push component may access and/or determinethe subscribed channel(s) and call, import and/or execute apre-determined series of actions for preparing a finalized notificationfor each such subscribed channel.

Referring to steps 309-310, for a web browser notification it may bedetermined whether the requesting end user has been active and/or loggedin within a pre-determined period. The platform 60 may, for example,periodically and/or continuously receive and record end user activityinformation from: inputs and/or user requests submitted to the platform60; browser plugins, add-ons, extensions and/or other agent softwareinstalled on computers 12; and/or the common authentication managementframework. The Notifications/FCM browser push component may estimate,based on such information, whether it is likely that the end user may beavailable to view the web browser notification in real-time iftransmitted. The pre-determined period may be one (1) minute, though thelength may vary based, for example, on the average degree of sensitivityof the data subject to redaction.

Referring to step 311, if the end user activity does not satisfy thedetermination outlined above, corresponding redaction may be made to theinitial version of the content. For example, the Notifications/FCMbrowser push component may reference all markers attached to the initialversion and perform all unconditional redactions and all conditionalredactions dependent on the channel being deemed presently insecure(i.e., inactive user in a web browser channel). The performance of suchredaction(s), and any other configurations and/or customizations flowingtherefrom, may constitute finalization of the web browser notification.Alternatively, rather than redacting and sending a notification if theend user activity does not satisfy the determination outlined above, theNotifications/FCM browser may delay transmission until the determinationis satisfied or may cancel the notification.

Referring to step 312, if the end user activity satisfied thedetermination outlined in connection with step 310, correspondingredaction may be made to the initial version of the content. Forexample, the Notifications/FCM browser push component may reference allmarkers attached to the initial version and perform all unconditionalredactions (i.e., those to be made even for presently secure web browserchannel notifications). The performance of such redaction(s), and anyother configurations and/or customizations flowing therefrom, mayconstitute finalization of the web browser notification. Referring tostep 313, the finalized web browser notification may be output and theappropriate web browser notification service may be invoked fortransmission. (See FIG. 10)

Referring to step 314, it may be determined whether one or morefinalized notifications remain to be sent across additional channel(s).Referring to step 315, it may be determined whether an end user hasrequested delivery of a finalized notification via email. Referring tostep 316, if the end user has requested an email notification, it may bedetermined whether the identified email service and/or server aresecure. In an embodiment, a list of secure email services (e.g.,utilizing mutual keys) may be compared against the end user-specifiedemail address to determine whether the service is secure. It is foreseenthat a variety of methods for determining whether an email service issecure may be used without departing from the spirit of the presentinvention. If the email service is determined to be secure, the initialversion of the notification may be modified by performance of onlyunconditional redactions (see description of step 312 above) and, ifnot, the insecure channel redaction steps may be performed (seedescription of step 311 above). An appropriate channel for transmittingthe resulting finalized email notification may be invoked (seedescription of step 313 above).

Referring to steps 317-318, if the end user has requested a mobilenotification, it may be determined whether factors/conditions indicatesecure delivery is possible. For instance, the Notifications/FCM browserpush component may be pre-configured with and/or may reference developerconfigurations/settings for determining secure circumstances fordelivery. The developer may have previously indicated one or morefactors and/or conditions—such as login status, recipient device type,recipient device operating system, etc.—governing whether a securemobile notification may be completed. If the factors and/or conditionsfor secure delivery are satisfied, the initial version of thenotification may be modified by performance of only unconditionalredactions (see description of step 312 above) and, if not, the insecurechannel redaction steps may be performed (see description of step 311above). An appropriate channel for transmitting the resulting finalizedmobile notification may be invoked (see description of step 313 above).

Referring to steps 319-320, if the end user has requested an SMSnotification, it may be determined whether factors/conditions indicatesecure delivery is possible. For instance, the Notifications/FCM browserpush component may be pre-configured with and/or may reference developerconfigurations/settings for determining secure circumstances fordelivery. The developer may have previously indicated one or morefactors and/or conditions governing whether a secure SMS notificationmay be completed. If the factors and/or conditions for secure deliveryare satisfied, the initial version of the notification may be modifiedby performance of only unconditional redactions (see description of step312 above) and, if not, the insecure channel redaction steps may beperformed (see description of step 311 above). An appropriate channelfor transmitting the resulting finalized SMS notification may be invoked(see description of step 313 above).

It should be noted that the order of finalizing notifications across thevarious channels outlined herein can vary without departing from thescope of the present invention. Once finalized notifications have beentransmitted for all end user-requested channels, the Notifications/FCMbrowser push component may record completion of report-out functionscorresponding to the requested notifications and the requested jobstatus/job in the job database.

The Notifications/FCM browser push component may also receive input inreply to one or more of the transmitted notifications, such as where theuser requests the Notifications/FCM browser push component to change astatus flag in the job database in reply to the transmittednotification(s). For example, where “Job Error” notifications weretransmitted, the transmitted notifications may have queried the end userto select either “Resubmit Job” or “Dismiss Job for this DataTimeframe.” The resulting selection by the end user may be received bythe Notifications/FCM browser push component, which may enter acorresponding status flag in the job database to signal to the othercomponents of the platform 60 (e.g., the Status Manager) regardingremaining actions to be taken regarding the job and/or datasource 64query.

Another type of input received from end users may comprise indicationsof false positive and/or false negative markers. For instance, where aredaction has occurred in error and/or where a redaction should haveoccurred but did not, the end user may provide feedback indicating sameto the developer and/or platform 60 more broadly. If the errors resultedfrom an end user selection and/or erroneously placed developer/end usermarker, the platform 60 may make corresponding corrections to themarkers of the notifications. If the errors resulted from the output ofa scanning algorithm employed by the platform—e.g., where a patternmatching algorithm failed to recognize sensitive data—the platform 60may automatically adjust the weightings and/or other aspects of theoffending algorithm(s) to address the error. Such correction mayoptionally be implemented in conjunction with and/or through executionof a machine learning program. The machine learning program may includecurve fitting, regression model builders, convolutional or deep learningneural networks, Bayesian machine learning techniques, or the like. Themachine learning program may associate patterns from end user feedbackwith scanning algorithm characteristics and/or outputs to informrecognition of error patterns, iteratively improving such scanningalgorithm(s).

Individual notification configurations, settings and/or contents may bedefined once by the developer and/or end user and propagatedautomatically across jobs invoking various BI tools 62 and across time.The method may include additional, less, or alternate steps and/ordevice(s), including those discussed elsewhere herein.

Additional Considerations

In this description, references to “one embodiment”, “an embodiment”, or“embodiments” mean that the feature or features being referred to areincluded in at least one embodiment of the technology. Separatereferences to “one embodiment”, “an embodiment”, or “embodiments” inthis description do not necessarily refer to the same embodiment and arealso not mutually exclusive unless so stated and/or except as will bereadily apparent to those skilled in the art from the description. Forexample, a feature, structure, act, etc. described in one embodiment mayalso be included in other embodiments, but is not necessarily included.Thus, the current technology can include a variety of combinationsand/or integrations of the embodiments described herein.

Throughout this specification, plural instances may implementcomponents, operations, or structures described as a single instance.Although individual operations of one or more methods are illustratedand described as separate operations, one or more of the individualoperations may be performed concurrently, and nothing requires that theoperations be performed in the order illustrated. Structures andfunctionality presented as separate components in example configurationsmay be implemented as a combined structure or component. Similarly,structures and functionality presented as a single component may beimplemented as separate components. These and other variations,modifications, additions, and improvements fall within the scope of thesubject matter herein.

Certain embodiments are described herein as including logic or a numberof routines, subroutines, applications, or instructions. These mayconstitute either software (e.g., code embodied on a machine-readablemedium or in a transmission signal) or hardware. In hardware, theroutines, etc., are tangible units capable of performing certainoperations and may be configured or arranged in a certain manner. Inexample embodiments, one or more computer systems (e.g., a standalone,client or server computer system) or one or more hardware modules of acomputer system (e.g., a processor or a group of processors) may beconfigured by software (e.g., an application or application portion) ascomputer hardware that operates to perform certain operations asdescribed herein.

In various embodiments, computer hardware, such as a processing element,may be implemented as special purpose or as general purpose. Forexample, the processing element may comprise dedicated circuitry orlogic that is permanently configured, such as an application-specificintegrated circuit (ASIC), or indefinitely configured, such as an FPGA,to perform certain operations. The processing element may also compriseprogrammable logic or circuitry (e.g., as encompassed within ageneral-purpose processor or other programmable processor) that istemporarily configured by software to perform certain operations. Itwill be appreciated that the decision to implement the processingelement as special purpose, in dedicated and permanently configuredcircuitry, or as general purpose (e.g., configured by software) may bedriven by cost and time considerations.

Accordingly, the term “processing element” or equivalents should beunderstood to encompass a tangible entity, be that an entity that isphysically constructed, permanently configured (e.g., hardwired), ortemporarily configured (e.g., programmed) to operate in a certain manneror to perform certain operations described herein. Consideringembodiments in which the processing element is temporarily configured(e.g., programmed), each of the processing elements need not beconfigured or instantiated at any one instance in time. For example,where the processing element comprises a general-purpose processorconfigured using software, the general-purpose processor may beconfigured as respective different processing elements at differenttimes. Software may accordingly configure the processing element toconstitute a particular hardware configuration at one instance of timeand to constitute a different hardware configuration at a differentinstance of time.

Computer hardware components, such as transceiver elements, memoryelements, processing elements, and the like, may provide information to,and receive information from, other computer hardware components.Accordingly, the described computer hardware components may be regardedas being communicatively coupled. Where multiple of such computerhardware components exist contemporaneously, communications may beachieved through signal transmission (e.g., over appropriate circuitsand buses) that connect the computer hardware components. In embodimentsin which multiple computer hardware components are configured orinstantiated at different times, communications between such computerhardware components may be achieved, for example, through the storageand retrieval of information in memory structures to which the multiplecomputer hardware components have access. For example, one computerhardware component may perform an operation and store the output of thatoperation in a memory device to which it is communicatively coupled. Afurther computer hardware component may then, at a later time, accessthe memory device to retrieve and process the stored output. Computerhardware components may also initiate communications with input oroutput devices, and may operate on a resource (e.g., a collection ofinformation).

The various operations of example methods described herein may beperformed, at least partially, by one or more processing elements thatare temporarily configured (e.g., by software) or permanently configuredto perform the relevant operations. Whether temporarily or permanentlyconfigured, such processing elements may constitute processingelement-implemented modules that operate to perform one or moreoperations or functions. The modules referred to herein may, in someexample embodiments, comprise processing element-implemented modules.

Similarly, the methods or routines described herein may be at leastpartially processing element-implemented. For example, at least some ofthe operations of a method may be performed by one or more processingelements or processing element-implemented hardware modules. Theperformance of certain of the operations may be distributed among theone or more processing elements, not only residing within a singlemachine, but deployed across a number of machines. In some exampleembodiments, the processing elements may be located in a single location(e.g., within a home environment, an office environment or as a serverfarm), while in other embodiments the processing elements may bedistributed across a number of locations.

Unless specifically stated otherwise, discussions herein using wordssuch as “processing,” “computing,” “calculating,” “determining,”“presenting,” “displaying,” or the like may refer to actions orprocesses of a machine (e.g., a computer with a processing element andother computer hardware components) that manipulates or transforms datarepresented as physical (e.g., electronic, magnetic, or optical)quantities within one or more memories (e.g., volatile memory,non-volatile memory, or a combination thereof), registers, or othermachine components that receive, store, transmit, or displayinformation.

As used herein, the terms “comprises,” “comprising,” “includes,”“including,” “has,” “having” or any other variation thereof, areintended to cover a non-exclusive inclusion. For example, a process,method, article, or apparatus that comprises a list of elements is notnecessarily limited to only those elements but may include otherelements not expressly listed or inherent to such process, method,article, or apparatus. Further, unless expressly stated to the contrary,“or” refers to an inclusive or and not to an exclusive or. For example,a condition A or B is satisfied by any one of the following: A is true(or present) and B is false (or not present), A is false (or notpresent) and B is true (or present), and both A and B are true (orpresent).

The patent claims at the end of this patent application are not intendedto be construed under 35 U.S.C. § 112(f) unless traditionalmeans-plus-function language is expressly recited, such as “means for”or “step for” language being explicitly recited in the claim(s).

Although the invention has been described with reference to theembodiments illustrated in the attached drawing figures, it is notedthat equivalents may be employed and substitutions made herein withoutdeparting from the scope of the invention as recited in the claims.

We claim:
 1. A computer-implemented method for secure multi-datasourcequery job status notification comprising, via one or more transceiversand/or processors: automatically accessing notification characteristicsfor a query job status; automatically determining occurrence of thequery job status; automatically generating an initial version of anotification at least in part based on the notification characteristics;automatically determining a present security level by analyzing at leastone of end user activity and an aspect of an end user computing device;automatically generating a final version of the notification at least inpart by redacting the initial version based on the present securitylevel; and automatically directing transmission of the final version ofthe notification to the end user computing device.
 2. Thecomputer-implemented method of claim 1, wherein the determined query jobstatus reflects completion of a query propagated across a plurality ofdatasources.
 3. The computer-implemented method of claim 1, whereinredacting the initial version includes recognizing an unconditionalredaction marker referencing a text field of the initial version andredacting one or more characters populating the text field.
 4. Thecomputer-implemented method of claim 1, wherein redacting the initialversion includes recognizing a redaction marker conditioned on thepresent security level, determining that the present security level doesnot satisfy a condition of the redaction marker, and redacting one ormore characters populating a text field referenced by the redactionmarker.
 5. The computer-implemented method of claim 1, furthercomprising automatically scanning the initial version of thenotification using a pattern matching algorithm, identifying a textfield containing sensitive data, and applying a marker to the text fieldcorresponding to the identification by the pattern matching algorithm.6. The computer-implemented method of claim 5, wherein the patternmatching algorithm is specified by an initial marker applied by the enduser.
 7. The computer-implemented method of claim 1, wherein generationof the finalized version of the notification includes scanning portionsof the initial version for sensitive information, the scanned portionsnot including a text field referenced by a marker applied by the enduser.
 8. A system for secure multi-datasource query job statusnotification, the secure notification system comprising one or moreprocessors individually or collectively programmed to: automaticallyaccess notification characteristics for a query job status;automatically determine occurrence of the query job status;automatically generate an initial version of a notification at least inpart based on the notification characteristics; automatically determinea present security level by analyzing at least one of end user activityand an aspect of an end user computing device; automatically generate afinal version of the notification at least in part by redacting theinitial version based on the present security level; and automaticallydirect transmission of the final version of the notification to the enduser computing device.
 9. The secure notification system of claim 8,wherein the determined query job status reflects completion of a querypropagated across a plurality of datasources.
 10. The securenotification system of claim 8, wherein redacting the initial versionincludes recognizing an unconditional redaction marker referencing atext field of the initial version and redacting one or more characterspopulating the text field.
 11. The secure notification system of claim8, wherein redacting the initial version includes recognizing aredaction marker conditioned on the present security level, determiningthat the present security level does not satisfy a condition of theredaction marker, and redacting one or more characters populating a textfield referenced by the redaction marker.
 12. The secure notificationsystem of claim 8, wherein the one or more processors are furtherindividually or collectively programmed to automatically scan theinitial version of the notification using a pattern matching algorithm,identify a text field containing sensitive data, and apply a marker tothe text field corresponding to the identification by the patternmatching algorithm.
 13. The secure notification system of claim 12,wherein the pattern matching algorithm is specified by an initial markerapplied by the end user.
 14. The secure notification system of claim 13,wherein generation of the finalized version of the notification includesscanning portions of the initial version for sensitive information, thescanned portions not including a text field referenced by a markerapplied by the end user.
 15. A non-transitory computer-readable storagemedia having computer-executable instructions for securemulti-datasource query job status notification stored thereon, whereinwhen executed by at least one processor the computer-executableinstructions cause the at least one processor to: automatically accessnotification characteristics for a query job status; automaticallydetermine occurrence of the query job status; automatically generate aninitial version of a notification at least in part based on thenotification characteristics; automatically determine a present securitylevel by analyzing at least one of end user activity and an aspect of anend user computing device; automatically generate a final version of thenotification at least in part by redacting the initial version based onthe present security level; and automatically direct transmission of thefinal version of the notification to the end user computing device. 16.The non-transitory computer-readable media of claim 15, whereinredacting the initial version includes recognizing an unconditionalredaction marker referencing a text field of the initial version andredacting one or more characters populating the text field.
 17. Thenon-transitory computer-readable media of claim 15, wherein redactingthe initial version includes recognizing a redaction marker conditionedon the present security level, determining that the present securitylevel does not satisfy a condition of the redaction marker, andredacting one or more characters populating a text field referenced bythe redaction marker.
 18. The non-transitory computer-readable media ofclaim 15, wherein the computer-executable instructions further cause theat least one processor to automatically scan the initial version of thenotification using a pattern matching algorithm, identify a text fieldcontaining sensitive data, and apply a marker to the text fieldcorresponding to the identification by the pattern matching algorithm.19. The non-transitory computer-readable media of claim 18, wherein thepattern matching algorithm is specified by an initial marker applied bythe end user.
 20. The non-transitory computer-readable media of claim15, wherein generation of the finalized version of the notificationincludes scanning portions of the initial version for sensitiveinformation, the scanned portions not including a text field referencedby a marker applied by the end user.